<?php
/**
 * Prado Portal.
 *
 * @author Steen Rabol <steen.rabol@gmail.com>
 * @link http://www.pradoportal.dk/
 * @copyright Copyright &copy; 2006,2007,2008 Steen Rabol
 * @license http://www.pradoportal.dk
 * @version $Id: PortalUserManager.php 387 2010-12-22 14:06:40Z steen.rabol $
 * @package Pradoportal.Common
 *
 */

Prado::using('System.Security.IUserManager');
Prado::using('Application.Common.PortalUser');

/**
 *
 * @package Pradoportal.Common
 */
class PortalUserManager extends TModule implements IUserManager
{
	private $_UserTable		= null;
	private $_GroupTable	= null;
	private $_GuestName		= 'Guest';
	private	$_db			= null;

	public function getDataAccess()
	{
		if($this->_db === null)
		{
			$this->_db		= $this->Application->DbConnection;

			if(!$this->_db->Active)
			{
				$this->_db->Active = true;
			}
		}

		return $this->_db;
	}

	public function validateUser($name, $password)
	{
		// NULL or empty values are not allowed
		if ($password === null || $password === '')
		{
            PortalUtil::Log('Password is null or empty');
			return false;
		}

		$db			= $this->DataAccess;
		$sql		= "select name, password,status from " . $this->_UserTable . " where name='$name'";
		$row		= $db->createCommand($sql)->queryRow();
        
		// NULL means we have disabled account
		if ($row == false)
		{
            PortalUtil::Log("User $name not found");
			return false;
		}

		if($row['status'] == 1)
		{
			throw new PortalException(1,Prado::localize("Your account have been disabled. Contact the web site administrator"));
		}

		if($row['status'] == 2)
		{
			throw new PortalException(1,Prado::localize("Your account is pending approval. Contact the web site administrator"));
		}
		
		$md5password	= md5($password);
		$hmd5password	= hash("md5",$password);
		$sha256password	= hash("sha256",$password);
		$sha1password	= hash("sha1",$password);

		if($md5password == $row['password'])
		{
			$password = $md5password;
		}
		else if($hmd5password == $row['password'])
		{
			$password = $hmd5password;
		}
		else if($sha256password == $row['password'])
		{
			$password	= $sha256password;
		}
		else if($sha1password == $row['password'])
		{
			$password = $sha1password;
		}
		else
		{
			return false;
		}

		// Additional checking (in case of SQL injection)
		if ($row['name'] == $name && $row['password'] == $password)
        {
            return true;
        }
        else
        {
            return false;
        }
	}

	public function getUser($name = NULL)
	{
		// If no username was given then it must be guest.
		if ($name === null)
		{
			$user = new PortalUser($this);
			$user->IsGuest	= true;
			$user->Name		= "Guest";
			$user->FullName	= "Guest User";
			$user->Id		= TPropertyValue::ensureInteger(0);
			$user->RoleId	= TPropertyValue::ensureInteger($this->Application->Parameters['MinRole']);

			return $user;
		}
		else
		{
			$db			= $this->DataAccess;
			$sql		= "select u.*,r.id as rolid,r.name as rolename from tblusers as u, tblroles as r where r.id = u.role && u.name='$name'";
			$row		= $db->createCommand($sql)->queryRow();

			// If we have such user in DB then create new User and
			// return it.
			if ($row)
			{
				$user = new PortalUser($this);
				$user->Id		= $row['id'];
				$user->Name		= $name;
				$user->FullName	= $row['full_name'];
				$user->RoleId	= $row['role'];
				$user->Email	= $row['email'];
				$user->RegTime	= $row['reg_time'];
				$user->Status	= $row['status'];
				$user->SiteNews	= $row['sitenews'];
				$user->IsGuest	= false;
				$user->Culture	= $row['culture'];
				return $user;
			}
			else
			{
				return NULL;
			}
		}
	}

	public function switchToGuest($user)
	{
		$user = $this->getUser();
	}

	public function getUserTable()
	{
		return $this->_UserTable;
	}

	public function setUserTable($UserTable)
	{
		$this->_UserTable = TPropertyValue::ensureString($UserTable);
	}

	public function getGroupTable()
	{
		return $this->_GroupTable;
	}

	public function setGroupTable($GroupTable)
	{
		$this->_GroupTable = TPropertyValue::ensureString($GroupTable);
	}

	public function getGuestName()
	{
		return $this->_GuestName;
	}

	public function setGuestName($value)
	{
		$this->_GuestName = TPropertyValue::ensureString($value);
	}

	/**
	 * Saves user auth data into a cookie.
	 * @param THttpCookie the cookie to receive the user auth data.
	 * @since 3.1.1
	 */
	public function saveUserToCookie($cookie)
	{
		// do nothing since we don't support cookie-based auth
	}

	/**
	 * Returns a user instance according to auth data stored in a cookie.
	 * @param THttpCookie the cookie storing user authentication information
	 * @return TUser the user instance generated based on the cookie auth data, null if the cookie does not have valid auth data.
	 * @since 3.1.1
	 */
	public function getUserFromCookie($cookie)
	{
		// do nothing since we don't support cookie-based auth
		return null;
	}
}
?>